1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: HTTP Foxit Reader PDF BO CVE-2008-1104

Web Attack: HTTP Foxit Reader PDF BO CVE-2008-1104

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in Foxit PDF Reader.

Additional Information

Foxit Reader is prone to a remote buffer-overflow vulnerability when handling PDF files with specially crafted JavaScript code.

Exploiting this issue may allow attackers to corrupt memory and execute arbitrary machine code in the context of users running the affected application. Failed exploits will likely cause denial-of-service conditions.

Affected

  • This issue affects Foxit Reader 2.3 build 2825; other versions may also be affected.

Response

The vendor has released fixes. Please contact the vendor for information on obtaining and applying the updates.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube